A Risk assessment must be carried out to determine vulnerabilities and threats, usage policies for vital systems need to be produced and all personnel security tasks has to be described The RSI security blog site breaks down the ways in certain element, but the method in essence goes like this: https://bristol-newsshow.com/press-release/2024-09-02/10769/nathan-labs-expands-cyber-security-services-in-saudi-arabia